The server in LiteSpeed OpenLiteSpeed before 1.5.0 RC6 allows local users to cause a denial of service (buffer overflow) or possibly have unspecified other impact by creating a symlink through which the openlitespeed program can be invoked with a long command name (involving ../ characters), which is mishandled in the LshttpdMain::getServerRootFromExecutablePath function.
References
Link | Resource |
---|---|
https://github.com/litespeedtech/openlitespeed/issues/117 | Exploit Vendor Advisory |
https://github.com/litespeedtech/openlitespeed/issues/117 | Exploit Vendor Advisory |
Configurations
Configuration 1 (hide)
|
History
21 Nov 2024, 03:58
Type | Values Removed | Values Added |
---|---|---|
References | () https://github.com/litespeedtech/openlitespeed/issues/117 - Exploit, Vendor Advisory |
Information
Published : 2018-12-03 06:29
Updated : 2024-11-21 03:58
NVD link : CVE-2018-19792
Mitre link : CVE-2018-19792
CVE.ORG link : CVE-2018-19792
JSON object : View
Products Affected
litespeedtech
- openlitespeed
CWE
CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer